Here’s Carol Yin detailing how her movements have been tracked across China since the lockdown came into place. Upon entering a train station, she has had to share her location data from recent weeks. When booking a taxi, she needs to scan a QR code generated by WeChat or Alipay to “check-in”. The same applies to taking public transport or accessing any building. The tracking is done via a combination of QR codes and location data from the phone providers.

Taiwan set up an ‘electronic fence’: your phone determines whether you are respecting the boundaries of the quarantine or not. Authorities are alerted if you switch it off or as soon as you leave the designated space.

Hong Kong is slapping wristbands on travellers upon arrival at its airports. The wristband connects to a smartphone app, StayAtHomeSafe. It generates a unique fingerprint of your house by looking into the signals emitted by the devices surrounding you — nearby WiFi, your WiFi, Bluetooth and cellular. “As you walk around the home, the algorithm on the app will sample the signals of the home.”

Palantir is doing well. “The software company is in discussions with authorities in France, Germany, Austria and Switzerland.”

That said, I worry that we’re going to do what we usually do when in panic mode: introduce purportedly temporary surveillance that ends up staying. We might adopt despotic tech, willingly, because it makes us feel safe without having evidence of any actual benefit. As before, we need to balance our need for security with some level of freedom.

It seems that we need:

A privacy-preserving system to track encounters. Using Bluetooth Low Energy (BLE) to detect nearby devices (= humans) seems to make the most sense to me. There are doubts whether location tracking — done via GPS or phone carriers — can offer a meaningful contribution in defeating the virus. We’re talking about maintaining a 2-meter distance here: GPS accuracy is around 5 meters. We don’t need to know the coordinates, but rather the proximity with other devices. Proximity tracking seems to matter more.

If location is important (e.g. we want to notify everyone who has recently been in a listed hotspot, be it the tube, a public park, or elsewhere) guess what: retailers have been surveilling you for a while. You could use beacons in public spaces and WiFi signals to let each smartphone log access locally. The smartphone could then check its recorded path against a hotspot database. No information needs to leave the device (this is MIT’s PrivateKit).

We probably don’t want to share our location data with third parties unless we become infected. We want to collect it locally until it makes sense to share (part of) it. Existing health apps (in the UK: the NHS app, or third parties that work with them such as Babylon) could gain access to this data in the same way they request access to the health database.

A system to alert every user that came into close range with a case for an extended period.

Ideally, we wouldn’t get an app. This should be something baked into the OS. Google and Apple should provide privacy settings for contact tracing: that would give us a universal system to collect this kind of data locally and securely. Besides, the utility of such a system is null without everyone using it. A pandemic is global: there needs to be a global way of dealing with it.

It is possible to build a system for contact tracing that is also privacy-preserving. Apple does something similar, albeit for other purposes. And there’s already a proposed protocol, the PEPP-PT:

Assign a unique and anonymous ID to every device

When two devices come in close contact for an extended period of time, exchange and log the IDs

When someone is diagnosed with the virus, alert all the logged IDs

Then and only then: ask the affected IDs, via an app, to self-diagnose continuously, and if they report symptoms, get them tested (ideally even if not)

You’ll notice that there is no leak of data to the government under this scenario. All the government knows is that an ID needs to be tested.
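A minimal simulation of the four steps above, added here as an example; it is not PEPP-PT's own code. The class and function names are hypothetical, the encounters are constructed, and the 15-minute threshold for an "extended period" is an assumed value (the 2-meter range is the figure used earlier on this page).

```python
import secrets
from collections import defaultdict

# Assumed thresholds: the page gives the 2-meter distance; the 15-minute
# "extended period" is an illustrative value, not from the page.
MAX_DISTANCE_M = 2.0
MIN_CONTACT_S = 15 * 60

class Device:
    """One phone: holds a random ID and a contact log that stays local."""
    def __init__(self):
        self.device_id = secrets.token_hex(16)   # random, carries no identity
        self._seconds_near = defaultdict(int)    # peer ID -> seconds in range

    def observe(self, peer_id, distance_m, seconds):
        """Record one BLE sighting; sightings beyond 2 m are ignored."""
        if distance_m <= MAX_DISTANCE_M:
            self._seconds_near[peer_id] += seconds

    def contacts_to_alert(self):
        """IDs released on diagnosis: only peers seen long enough."""
        return {p for p, s in self._seconds_near.items() if s >= MIN_CONTACT_S}

class AlertBoard:
    """Stand-in for the health authority: it only ever sees opaque IDs."""
    def __init__(self):
        self.flagged = set()

    def report_diagnosis(self, device):
        self.flagged |= device.contacts_to_alert()

    def needs_testing(self, device_id):
        return device_id in self.flagged

def meet(a, b, distance_m, seconds):
    """Both devices log each other's ID for the same encounter."""
    a.observe(b.device_id, distance_m, seconds)
    b.observe(a.device_id, distance_m, seconds)

def simulate():
    alice, bob, carol, dave = Device(), Device(), Device(), Device()
    meet(alice, bob, 1.0, 10 * 60)     # constructed encounters
    meet(alice, bob, 1.5, 10 * 60)     # accumulates to 20 min within 2 m
    meet(alice, carol, 1.0, 2 * 60)    # close but brief
    meet(alice, dave, 6.0, 60 * 60)    # long but out of range
    board = AlertBoard()
    board.report_diagnosis(alice)
    return [board.needs_testing(d.device_id) for d in (bob, carol, dave)]
```

A single static ID, as in the steps above, lets anyone who observes it link sightings over time, so a deployment would have to rotate it.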

Especially if the problem is here to stay for a while, we need a solution that doesn’t permanently compromise our freedom. We also need something that all of us can use and trust, independently of the country we inhabit.

Over the years, different software has imposed on its users FOMO-inducing features that have led us to this ridiculous reality in which we all collectively agreed that a response to a text needs to be returned within minutes, no matter the content or the urgency.

I sometimes choose emails over texts for this reason. I know — I am weird. BUT! Expectations are different with emails. We read less into it if someone takes a day or longer to get back to us (even though some people are trying to make emails obnoxious too).

Privacy remains one of the big and unresolved issues in our industry and while we often worry about data leaks and agonize over how much companies know about us, we often forget that it’s the small and barely noticeable losses of end-to-end user privacy that affect us socially the most. And while turning every privacy-related decision into a setting might be enticing, it’s ultimately shortsighted. Designers are well aware that most users won’t bother changing a default. And the act of changing a default ironically always inadvertently reveals something about users, whether they want to or not.

So what does a future that respects people’s micro-privacy feel like?

It’s knowing you can go online without having to fear what your online status may reveal about you. It’s about liking someone’s photo without the anxiety of being called out for it. And above anything, it’s about reading a message, without feeling guilty of not sending an immediate response.

Individuals are unlikely to make much money by selling their own data, yet the same data in the aggregate can be worth a lot. Gregory Barber from Wired recently tried to put his Facebook data on the market and managed to make a grand total of 0.3 cents.

The economics here are a bit like the economics of voting. If it were legal, and you tried to sell your vote and your vote alone, you might not get much more than 0.3 cents. That vote is unlikely to prove decisive. Yet average and marginal value do not coincide. If someone could buy a whole block of votes, which in turn could swing an election, the price could be much higher.

We faced several challenges. The deep-learning models need to be shipped as part of the operating system, taking up valuable NAND storage space. They also need to be loaded into RAM and require significant computational time on the GPU and/or CPU. Unlike cloud-based services, whose resources can be dedicated solely to a vision problem, on-device computation must take place while sharing these system resources with other running applications. Finally, the computation must be efficient enough to process a large Photos library in a reasonably short amount of time, but without significant power usage or thermal increase.

Does your iOS app have access to the user’s image library? Do you want to know your user’s movements over the last several years, including what cities they’ve visited, which iPhones they’ve owned and how they travel? Do you want all of that data in less than a second? Then this project is for you!

Some 800 pages came back containing information such as my Facebook “likes”, my photos from Instagram (even after I deleted the associated account), my education, the age-rank of men I was interested in, how many times I connected, when and where every online conversation with every single one of my matches happened … the list goes on.

When you combine this with business models that rely not just on advertising, but on promises to investors around novelty in advertising, and machine learning that has proven extremely effective at provoking user engagement, what you end up with is a mobile sensor that can read second-by-second facial expressions and adjust what is being shown in real time with great sophistication. All that’s required is for a company to close the loop between facial sensor and server.

That data is of the spatial variety: the dimensions of a room as well as distances between sofas, tables, lamps and other home furnishings. To a tech industry eager to push “smart” homes controlled by a variety of Internet-enabled devices, that space is the next frontier. […]

With regularly updated maps, Hoffman said, sound systems could match home acoustics, air conditioners could schedule airflow by room and smart lighting could adjust according to the position of windows and time of day.

Here’s how the app works: You sign up using your national ID number. The app uses facial recognition software to locate troves of your personal data collected by the government, and 24 hours later, you’re given one of three “public credit” scores — very good, good, or bad.

Shao says Honest Shanghai draws on up to 3,000 items of information collected from nearly 100 government entities to determine an individual’s public credit score.

In the case of a tool called “Weeping Angel” for attacking Samsung SmartTVs, Wikileaks wrote, “After infestation, Weeping Angel places the target TV in a ‘Fake-Off’ mode, so that the owner falsely believes the TV is off when it is on. In ‘Fake-Off’ mode the TV operates as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server.”